Risk Analysis and Control of software development projects

Abstract:This article analyzes the current risks in the software industry, lists the risk sources of software development projects, and analyzes the causes of various risks and the impact on the success or failure of the project, finally, we provide suggestions on Risk Management and Control for software development projects.

　　Keywords:Software development risk analysis risk management and control

I. Risk background of software development projects

The development of the information industry is currently one of the fastest-growing industries and the industry that has the greatest impact on society. It not only creates huge wealth for us, in addition, we have changed our lives from every aspect to an industry, ranging from a service. We have to admit that software is the most incredible product of the 21st century.

With the continuous update of software development technologies, the increasing number of software, the increasing complexity of software, and the increasing requirements of customers on products, software development projects bring huge risks to software development enterprises and demand enterprises. The success of software development projects directly affects the company's survival. This should be a greater challenge for software development enterprises. On the one hand, business needs are more complex. Expectations for the quality and purpose of software are greatly improved, and requirements for business systems are becoming increasingly demanding. On the other hand, development costs are constantly reduced. Under such circumstances, risk management and control have become the key to the success or failure of software development projects.

Software development projects are highly risky due to their continuity, complexity, little reference, and no standard specification. At present, most software development enterprises in China still lack awareness of the risks of software development projects, and lack of systematic and effective measurement and evaluation methods. According to the survey data, 15-35% of software projects were canceled midway through, and the remaining projects were either out-of-date or out-of-budget or unable to meet expectations. In addition, software project failures account for about 90% due to risk control and management. This shows the importance of Software Risk Control and Management in current software development projects.

2. Risk Sources of software development projects and their impact on project success or failure

Software development project risks refer to all budget, progress, control, and other issues encountered during the software life cycle, as well as the impact of these problems on software projects. Software Project risks often involve many aspects, such as lack of user participation, lack of support from senior management, vague requirements, and lack of planning and management, in general, five aspects should be taken into consideration.

1. Product scale risks

Project risks are directly proportional to the product scale. Common risk factors related to software scale include: (1) methods for estimating product scale (including code lines, number of files, function points, etc.), and (2) Trust in product scale estimation, (3) deviation between product scale and Average Scale of previous products; (4) number of product users; (5) Number of reusable software; and (6) change of product requirements. Generally, the larger the product scale, the more prominent the above problems, especially the estimation of the product scale method, the number of reusable software, and the demand changes.

2. Demand risks

Many projects are faced with some uncertainties when determining their needs. When these uncertainties are tolerated in the early stages of the project and cannot be resolved during the project's progress, these problems will pose a great threat to the project's success. If you do not control the risk factors related to the demand, it is very likely that the wrong product will be generated or the expected product will be poorly constructed. Every situation can be fatal to the product. Blog.mypm.net

Customer-related risk factors include: (1) lack of a clear understanding of the product, (2) Lack of recognition of product requirements, (3) insufficient customer participation in the demand, and (4) no priority requirements, (5) New markets due to uncertain needs, (6) changing demands, (7) Lack of effective demand change management processes, (8) lack of Relevant Analysis on demand changes.

3. Correlation risk www.mypm.net

Many risks are caused by the correlation of the project's external environment or factors. We often do not do enough to control external relevance. Therefore, mitigation policies should include a possibility plan to obtain necessary components from second resources or collaborative work resources, and detect potential problems. Factors related to the external environment include: (1) customer supply items or information, (2) Interaction member or interaction group dependency, (3) internal or external forwarding relationship, (4) availability of experienced personnel, (5) Reuse of projects. Project Manager Alliance article

4. Technical Risks

The rapid development of software technology and the lack of experienced employees mean that the project team may be affected by technical skills. In the early stages, identifying risks and taking appropriate preventive actions are critical to solving risks, such as training, hiring consultants, and recruiting appropriate talents for the project team. There are mainly the following risk factors: (1) lack of training, (2) insufficient understanding of methods, tools and technologies, (3) insufficient experience in the application field, and (4) new technologies and development methods.

5. Manage Risks

Although management issues constrain the success of many projects, do not be surprised because the risk management plan does not include all management activities. In most projects, project managers are often people who write project risk management plans. They have inherent limitations-checking their own errors is the most difficult. However, problems like these may make project success more difficult. If you do not face up to these thorny problems, they are likely to affect the project itself at a certain stage of the project. When we define the project tracking process and clarify the project roles and responsibilities, we can deal with these risk factors: (1) inadequate planning and task definition, (2) actual project status, (3) project Owners and decision makers are unclear. (4) unrealistic commitments and (5) communication between employees.

6. Security Risks

Software products are creative products, and their core technologies are very important to keep confidential. However, for a long time, we have a relatively weak security awareness in the software field. The development of software products mainly focuses on the technology itself, while ignoring the protection of patents. The flow of technical personnel in the software industry is a common phenomenon. With the loss and change of technical personnel, the leakage of products and new technologies can easily lead to the theft of our software products, the project fails. In addition, there is no clear industry specification for the identification of intellectual property rights in software, which is also a potential risk for our software projects.

Iii. risk analysis, management and control

1. Risk Analysis

All the risks mentioned above are huge risks of project success or failure. They have great impact on the success or failure of software development projects. We can use risk analysis tools to analyze the above risks, and Control and Management to minimize risks. A risk entry checklist is commonly used to help project risk managers understand the risks of projects and technologies by using a set of questions. The risk entry checklist lists all possible questions related to each risk factor, allowing risk managers to focus on identifying common, known, and predictable risks, such as product scale risks, dependency risks, demand risks, management risks and technical risks. The risk entry checklist can be organized in different ways, and answers to these questions through hypothesis analysis, cost-benefit analysis, risk profile analysis, and decision tree, project management personnel can estimate the impact of risks.

In addition, we can create a risk control overview chart based on the risk entry checklist (see figure 1 ), the project management and implementation personnel can intuitively see the risks and sizes in the project development phase, and take corresponding measures. From the probability of risk occurrence, the demand risk and management risk have the greatest impact on the project's success or failure. After a software project development team takes over the project, it is customary to develop software. Demand risk awareness is relatively weak, and the completion of the software demand analysis phase is not detailed enough, ignoring and many necessary content for software development. Risk Control in the demand analysis stage is particularly important throughout the software development process. If the control is not good, it will have a huge impact on the software development project, or even fail. Management Risk is actually a reflection of the project development management's awareness of the risks of project development. Most software enterprises in China are small in size. They are young, have insufficient development experience, have relatively young software engineers, lack experience in opening large-scale software projects, and lack experience in management, especially risk management, it is even more lacking.

Blog.mypm.net

2. Risk management

Risk management should be an important task throughout the beginning and end of software project development, including risk identification, risk assessment, risk planning, risk resolution and risk monitoring. It enables risk managers to actively "circumvent" risks and conduct effective risk management. Risk management models include sei risk management model, Riskit risk management model, softrisk risk management model, IEEE risk management process model, CMMI risk management model, and MSF risk management model. In project management, it is very important to establish risk management policies and continuously control risks in the project lifecycle. Risk management consists of five phases: www.mypm.net

(1) Risk Identification: common risk identification methods include on-site observation, discussion, flowchart, financial statement, coordination of relevant departments, and environmental analysis. Project Manager Alliance Article (2)
Risk Assessment: it is necessary to estimate and evaluate identified risks. The main task of risk estimation is to determine the probability and consequence of risk occurrence, risk assessment is to determine the economic significance of the risk and the cost/efficiency analysis of the risk. Common methods include probability distribution, external push method, and multi-objective analysis method.

(3) plan progress: formulate corresponding risk management schedules based on the assessed risk results to provide reference for subsequent risk management.

(4) risk management: Generally, there are three methods for risk management. ① risk control method: Take measures to avoid risks, eliminate risks, moderate risks, or adopt emergency solutions to reduce risks. ② Leave risks on your own. When the risk volume is small, you can leave the risk. ③ Risk transfer. Project Management Forum

(5) Risk Monitoring: includes monitoring of risk occurrence and risk management. The former monitors and controls identified risk sources, the latter is the organization and technical measures that supervise people to seriously implement risk management during project implementation.

3. Risk Control

(1) Establish an organization's project manager circle for Effective Risk Control

① Set up a risk management position: Set up a risk management position in the software development project management process. This position is mainly responsible for the formulation and evaluation of the planning, from the perspective of risk management, review and comment on the Project Plan or plan, constantly look for any unexpected situations, and try to point out the management policies and common management methods for each risk, to handle the risks at any time, it is best for the risk manager to be held by persons other than the project supervisor. The number of persons in risk management positions is determined by the project size. Generally, 2-3 persons are suitable.

② Double Project Manager: Two Project Manager positions are set for the project development project. One is responsible for technical positions and the other is responsible for management positions. Currently, the project managers of software development enterprises in China are generally one, and they are the absolute majority of technologies born. They are mainly good at technology R & D and lack of management, this is not conducive to project risk management and control. By adding a dedicated management manager, you can make up for the shortcomings of the technical-born project manager and improve the management level of software development projects. This experience has also been recognized by most enterprises in the foreign industry.

(2) establish an effective risk control management process

The risk management process includes training, risk identification, risk analysis, risk plan, execution plan, and tracking plan. The effective risk management process should be learning, continuous, and continuously improved. Software Enterprises should establish their own risk management databases as the basis for risk management, and constantly update and improve them during implementation. Project Manager Alliance article

Scientific project risk and control based on the actual situation of enterprises and projects play an important role in the successful project R & D. In the process of project development, conduct necessary project risk analysis and formulate risk assessment and supervision mechanisms in line with the characteristics of the project. In particular, it is necessary to regularly assess and supervise the project's risk status, when detecting unexpected risks or risks that exceed expectations, you must pay attention to them. Report the problem immediately and resolve it as soon as possible. Establish Risk Monitoring logs and implement the "post responsibility system" to minimize the risks of software development projects. Project Manager blog

Reprint from http://www.mypm.net/articles/show_article_content.asp? ArticleID = 18408 & pageno = 3